Beginner's Tutorial

System Encryption

 Supported Systems

 Hidden Operating System

 Rescue Disk

Plausible Deniability

 Hidden Volume

  Protection of Hidden Vol.

  Security Requirements

 Hidden Operating System



Hardware Acceleration

Encryption Algorithms





Hash Algorithms




Technical Details


 Encryption Scheme

 Modes of Operation

 Header Key Derivation

 Random Number Gen.


 Volume Format Spec.

 Standards Compliance

 Source Code

TrueCrypt Volume

 Creating New Volumes

 Favorite Volumes

 System Favorite Volumes

Main Program Window

 Program Menu

 Mounting Volumes

Supported Systems

Portable Mode


Tokens & Smart Cards

Language Packs

Hot Keys

Security Model

Security Requirements

 Data Leaks

  Paging File

  Hibernation File

  Memory Dump Files

 Unencrypted Data in RAM

 Physical Security


 Multi-User Environment

 Authenticity and Integrity

 New Passwords & Keyfiles

 Password/Keyfile Change

 Trim Operation


 Reallocated Sectors


 Journaling File Systems

 Volume Clones

 Additional Requirements

Command Line Usage

Backing Up Securely


 Use Without Admin Rights

 Sharing over Network

 Background Task

 Removable Medium Vol.

 TrueCrypt System Files

 Removing Encryption

 Uninstalling TrueCrypt

 Digital Signatures



Issues and Limitations


Future Development


Version History



Security Requirements and Precautions >  Multi-User Environment Search


Please consider making a donation.

   Donate Now >> Donate   

Multi-User Environment

Keep in mind, that the content of a mounted TrueCrypt volume is visible (accessible) to all logged on users. NTFS file/folder permissions can be set to prevent this, unless the volume is mounted as removable medium under a desktop edition of Windows Vista or later (sectors of a volume mounted as removable medium may be accessible at the volume level to users without administrator privileges, regardless of whether it is accessible to them at the file-system level).

Moreover, on Windows, the password cache is shared by all logged on users.

Also note that switching users in Windows XP or later (Fast User Switching functionality) does not dismount a successfully mounted TrueCrypt volume (unlike system restart, which dismounts all mounted TrueCrypt volumes).

On Windows 2000, the container file permissions are ignored when a file-hosted TrueCrypt volume is to be mounted. On all supported versions of Windows, users without administrator privileges can mount any partition/device-hosted TrueCrypt volume (provided that they supply the correct password and/or keyfiles). A user without administrator privileges can dismount only volumes that he or she mounted. However, this does not apply to system favorite volumes unless you enable the option (disabled by default) Settings > 'System Favorite Volumes' > 'Allow only administrators to view and dismount system favorite volumes in TrueCrypt'.

  Next Section >>

Legal Notices

 Ads by Google